http://www.theweek.co.uk/business/60787/atm-hack-lets-criminals-take-wads-of-cash
The Week
9 OCT 2014
A flaw in cash machine software is letting criminals withdraw money
without using a bank card.
Security firm Kaspersky Labs identified the problem, leading Interpol to
mount a widespread investigation across the USA, India, France, Israel,
Malaysia and China.
ATMs infected with malicious software can be instructed to give out 40
notes at once by entering a series of digits on the keypad. Fraudsters do
not require a credit or debit card to carry out the scam.
The hack, known as Tyupkin, requires criminals to enter a unique code into
a machine that has already been compromised by the malware. A second Pin
code – a random sequence of numbers generated at another location – is
also needed to unlock the machine before it will dispense the cash.
Security analysts say that this double-Pin system ensures that the hacker
generating the algorithms maintains control over when and where money can
be stolen.
[...]
--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
